CVE-2020-24363
Vexday Risk Score
76 · High priority
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
CVSS 8.8 | EPSS 20.7% | KEV: yes | Public PoC | Nuclei — | Metasploit — | Patch —
Lifecycle
31 Aug 2020: Published on NVD
23 Nov 2020: Public PoC
02 Sep 2025: Active exploitation (CISA KEV)
Recommendation: Patch as soon as possible — active exploitation confirmed.
In short
A TP-Link WiFi repeater (TL-WA855RE V5) can be factory reset by anyone on the same network without any password, allowing an attacker to set a new admin password and take control of the device.
Technical detail
An unauthenticated attacker on the same local network can send a TDDP_RESET POST request to trigger a factory reset and reboot, bypassing access control mechanisms (CWE-306). Post-reset, the attacker can configure a new administrative password, achieving full device compromise.
Summary generated and translated by AI from the official description.
TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an unauthenticated attacker (on the same network) to submit a TDDP_RESET POST request for a factory reset and reboot. The attacker can then obtain incorrect access control by setting a new administrative password.
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a
Public PoCs found: 1
exploitdb: www.exploit-db.com/exploits/49092 (unverified)
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.